7 Steps to Protect Your Online Privacy and Security

There are more reasons than ever to understand how to protect your personal information.

Major hacks seem ever more frequent. Investigators believe that a set of top-secret National Security Agency hacking tools were offered to online bidders this summer.

And many of those worried about expanded government surveillance by the N.S.A. and other agencies have taken steps to secure their communications.

In a recent Medium post, Quincy Larson, the founder of Free Code Camp, an open-source community for learning to code, detailed the reasons it might be useful for people to make their personal data more difficult for attackers to access.

“When I use the term ‘attacker’ I mean anyone trying to access your data whom you haven’t given express permission to,” he wrote. “Whether it’s a hacker, a corporation, or even a government.”

In an interview, Mr. Larson walked us through some of the basic steps he recommended. We added a few of our own, based on additional interviews.

We encourage you to write back with feedback on this article. If the instructions are too vague, the apps aren’t working for you or you have additional questions, we want to hear about it.

Now, let’s encrypt.

1. Download Signal, or start using WhatsApp to send text messages.

Encryption is a fancy computer-person word for scrambling your data until no one can understand what it says without a key. But encrypting is more complex than just switching a couple of letters around.

Mr. Larson said that by some estimates, with the default encryption scheme that Apple uses, “you’d have to have a supercomputer crunching day and night for years to be able to unlock a single computer.”

He said that the best way to destroy data was not to delete it, because it could potentially be resurrected from a hard drive, but to encode it in “a secure form of cryptography.”

Signal is one of the most popular apps for those who want to protect their text messaging. It is free and extremely easy to use. And unlike Apple’s iMessage, which is also encrypted, the code it uses to operate is open-source.

Your phone may be the device that lives in your pocket, but Mr. Larson described the computer as the real gold mine for personal information.

Even if your data were password protected, someone who gained access to your computer “would have access to all your files if they were unencrypted.”

Luckily, both Apple and Windows offer means of automatic encryption that simply need to be turned on.

3. The way you handle your passwords is probably wrong and bad.

You know this by now. Changing your passwords frequently is one of the simplest things you can do to protect yourself from digital invasion.

But making up new combinations all the time is a hassle.

Mr. Larson recommends password managers, which help store many passwords, with one master password. He said that he uses LastPass, but knows plenty of people who use 1Password and KeePass, and that he doesn’t have a strong reason to recommend one over another.

Not every security expert trusts password managers. Some noted that LastPass itself got hacked last year.

So that means you may want to write them down in one secure location, perhaps a Post-it note at home. It seems more far-fetched that a hacker would bother to break into your home for a Post-it note than find a way into your computer.

If you take that route, we suggest setting a weekly or biweekly calendar reminder to change your passwords.

As far as making passwords up goes: Don’t be precious about it. Use a random word (an object near you while you’re hunched over your Post-it) and a combination of numbers. If you’re writing passwords down, you don’t have to worry about making them memorable.
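
The word-plus-numbers scheme above, as an added example that is not part of the original article: it picks the word and digits with Python's `secrets` module instead of an object near you, and estimates how many guesses an attacker who knows the scheme would need. The word list is a constructed sample, and the list sizes in the demo loop are assumptions.

```python
import math
import secrets

# Constructed sample list of everyday objects; a real word list (assumption)
# would hold thousands of entries, which is what makes each word hard to guess.
WORDS = ["lamp", "stapler", "mug", "cactus", "notebook", "charger", "window",
         "kettle", "pencil", "headphones", "blanket", "umbrella", "bicycle",
         "candle", "wallet", "ladder"]


def make_password(words=WORDS, n_words=1, n_digits=4, sep="-"):
    """Build word(s) + digits using the OS CSPRNG rather than human choice."""
    pool = sorted(set(words))
    if len(pool) < 2 or n_words < 1 or n_digits < 0:
        raise ValueError("need at least 2 distinct words, 1 word, 0+ digits")
    parts = [secrets.choice(pool) for _ in range(n_words)]
    if n_digits:
        parts.append("".join(secrets.choice("0123456789") for _ in range(n_digits)))
    return sep.join(parts)


def entropy_bits(list_size, n_words=1, n_digits=4):
    """Entropy in bits, assuming the attacker knows the scheme and the list."""
    return n_words * math.log2(list_size) + n_digits * math.log2(10)


def average_guesses(bits):
    """On average an attacker finds the password after half the search space."""
    return 2 ** bits / 2


if __name__ == "__main__":
    # List sizes are assumed values chosen to show how strength scales.
    for size, n_words, n_digits in [(16, 1, 4), (7776, 1, 4), (7776, 4, 4)]:
        bits = entropy_bits(size, n_words, n_digits)
        print(f"{n_words} word(s) from {size} + {n_digits} digits: "
              f"{bits:5.1f} bits, ~{average_guesses(bits):.2e} guesses on average")
    print("example:", make_password(n_words=2, n_digits=6))
```

Each extra word or digit multiplies the search space, so a written-down password can afford to be long.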

4. Protect your email and other accounts with two-factor authentication.

When you turn this step on, anyone trying to sign in to your email from new devices will have to go through a secondary layer of security: a code to access the inbox that is sent to your phone via text message. (Though sadly, not through Signal.)

You can also set two-factor authentication for social media accounts and other sites. But email is the most important account, since many sites use email for password recovery, a fact that has been exploited by hackers. Once they have access to your email, they can get access to banking, social media, data backups and work accounts.

Mr. Marlinspike recommended this plug-in, developed by the Electronic Frontier Foundation, a digital security organization. It ensures that you are accessing the secure form of websites, meaning that your connection to the site will be encrypted, and that you will be protected from various forms of surveillance and hacking.

Mr. Larson recommended Tor in his article, a browser that allows for private web activity. But we’re not going to recommend that here, mostly because Tor is relatively slow and clunky at the moment.

“I’ll be honest, I don’t use it very often,” Mr. Larson said.

He said that he suspected other browsers would start adding ways to browse more securely.

“Apple is very security conscious,” he said. “I wouldn’t be surprised if they started to incorporate Tor-like features into Safari.”

7. Do searches in DuckDuckGo.

Mr. Larson said that if people were paranoid about Google, he would strongly encourage them to use DuckDuckGo, an alternative search engine.

He said, however, that he personally was not paranoid.

“Google is built on the hacker ethic and they have put principle above profits in some aspects,” he said.

But he also acknowledged that he meets “people all the time who are extremely skeptical of any large software organization and I think that’s reasonable.” There are trade-offs. Google’s search results are more useful and accurate than competitors’ precisely because of the ways it collects and analyzes information about its customers’ searches.